Why don't you just have the JDBCRealm do it - add digest="SHA". To programmatically do it using form-based authentication, I've used a LoginServlet that's mapped to "auth" in my login.jsp's form. In this servlet, I encrypt the password and redirect to "j_security_check" - is that what you're looking for?
Matt -----Original Message----- From: Jeff Sexton [mailto:[EMAIL PROTECTED] Sent: Thursday, May 29, 2003 4:39 PM To: Tomcat Users List Subject: RE: Alternate password encyption code? On Thu, 29 May 2003, Raible, Matt wrote: > Here's how I do it - and I generally use "SHA" as my algorithm: > Thanks, but my question is really related to the setup - I have the code I want to use for the encyrption, but I'm not sure how to tie it in with the existing JDBCRealm mechanism. How did you do that? A custom realm class? > > -----Original Message----- > From: Jeff Sexton [mailto:[EMAIL PROTECTED] > Sent: Thursday, May 29, 2003 4:25 PM > To: [EMAIL PROTECTED] > Subject: Alternate password encyption code? > > > > I need to use my own bit of java to encrypt passwords for a JDBCRealm. I > have no idea what approach is best to take with this, anyone have any > suggestions? > > Thanks > > > Jeff Sexton > The ODS Companies > [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
